aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-23T14:08:43Z

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2943
[v2.7] ruby-actionpack: multiple fixes (CVE-2014-0081 CVE-2014-0082 CVE-2014-0130)
2019-07-23T14:08:43Z
Alexander Belous

CVE-2014-0130:
Directory traversal vulnerability in
actionpack/lib/abstract\_controller/base.rb in the implicit-render
implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and
4.1.x before 4.1.1, when certain route globbing configurations are
enabled, allows remote attackers to read arbitrary files via a crafted
request.
•MLIST:\[rubyonrails-security\] 20140506 \[CVE-2014-0130\] Directory
Traversal Vulnerability With Certain Route Configurations
•URL:
https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW\_PDBSG3AJ
*(from redmine: issue id 2943, created on 2014-05-23, closed on 2015-05-22)*
* Relations:
* parent #2940
* Changesets:
* Revision faa1f8ec83367fc8f31408957892c9f1ac3e4f45 by Natanael Copa on 2014-06-25T15:10:43Z:
```
main/ruby-actionpack: upgrade to 4.0.5
fixes #2943
```
Alpine 2.7.9
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2939
[v2.7] php: gain privileges via a crafted FastCGI client (CVE-2014-0185)
2019-07-23T14:08:46Z
Alexander Belous

•MLIST:\[oss-security\] 20140429 Fwd: \[vs\] php-fpm: privilege
escalation due to insecure default config (CVE-2014-0185)
•URL: http://www.openwall.com/lists/oss-security/2014/04/29/5
•MISC:
https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch
•CONFIRM: http://www.php.net/ChangeLog-5.php
•CONFIRM: http://www.php.net/archive/2014.php\#id2014-05-01-1
•CONFIRM: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027
•CONFIRM: https://bugs.php.net/bug.php?id=67060
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1092815
•CONFIRM:
https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d
*(from redmine: issue id 2939, created on 2014-05-23, closed on 2014-06-02)*
* Relations:
* parent #2936

Alpine 2.7.9
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2931
[v2.7] libxml2: do not fetch external parameter entities (CVE-2014-0191)
2019-07-23T14:08:51Z
Alexander Belous

It was discovered that libxml2, a library providing support to read,
modify and write XML files, incorrectly performs entity substitution in
the doctype prolog, even if the application using libxml2 disabled any
entity substitution. A remote attacker could provide a specially-crafted
XML file that, when processed, would lead to the exhaustion of CPU and
memory resources or file descriptors.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191
http://www.openwall.com/lists/oss-security/2014/05/06/4
http://www.ubuntu.com/usn/usn-2214-1
COMMIT:
https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df
*(from redmine: issue id 2931, created on 2014-05-22, closed on 2014-05-23)*
* Relations:
* parent #2928
* Changesets:
* Revision bdd75c7cabe65053c4844583531d461b4935f9f1 by Natanael Copa on 2014-05-22T15:06:31Z:
```
main/libxml2: security fix for CVE-2014-0191
fixes #2931
```
Alpine 2.7.9
Carlo Landmeter

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2927
[v2.7] ldns: private key becomes to be world-readable (CVE-2014-3209)
2019-07-23T14:08:56Z
Alexander Belous

ldns-keygen creates a private key with the default permissions according
to the user's umask, which in most cases will cause the private key to be
world-readable.
http://advisories.mageia.org/MGASA-2014-0212.html
https://www.nlnetlabs.nl/bugs-script/show\_bug.cgi?id=573
COMMIT:
http://git.nlnetlabs.nl/ldns/commit/?h=develop&id=169f38c1e25750f935838b670871056428977e6b
*(from redmine: issue id 2927, created on 2014-05-21, closed on 2014-05-23)*
* Relations:
* parent #2924
* Changesets:
* Revision ad1127d45af2d379c9a28fdef7b0e51da0af3f60 by Natanael Copa on 2014-05-22T14:57:06Z:
```
main/ldns: security fix for CVE-2014-3209
fixes #2927
```
Alpine 2.7.9
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2922
[v2.7] rxvt-unicode: remote arbitrary code execution (CVE-2014-3121)
2019-07-23T14:09:00Z
Alexander Belous

rxvt-unicode before 9.20 does not properly handle OSC escape sequences,
which allows user-assisted remote attackers to manipulate arbitrary X
window properties and execute arbitrary commands.
•MLIST:\[oss-security\] 20140430 CVE request: rxvt-unicode user-assisted
arbitrary commands execution
•URL: http://seclists.org/oss-sec/2014/q2/204
•CONFIRM: http://dist.schmorp.de/rxvt-unicode/Changes
•DEBIAN:DSA-2925
•URL: http://www.debian.org/security/2014/dsa-2925
•FEDORA:FEDORA-2014-5938
•URL:
https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133166.html
•FEDORA:FEDORA-2014-5939
•URL:
https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133195.html
•BID:67155
•URL: http://www.securityfocus.com/bid/67155
*(from redmine: issue id 2922, created on 2014-05-21, closed on 2014-05-23)*
* Relations:
* parent #2920
* Changesets:
* Revision a260163ef50c0bd0cda6cbcad49a52fcf0c6172a by Natanael Copa on 2014-05-22T13:19:21Z:
```
main/rxvt-unicode: security upgrade to 9.20 (CVE-2014-3121)
fixes #2922
```
Alpine 2.7.9
Ariadne Conill ariadne@ariadne.space

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2919
[v2.7] openssl: unproper managing of a buffer pointer in s3_pkt.c (CVE-2014-0198)
2019-07-23T14:09:04Z
Alexander Belous

The do\_ssl3\_write function in s3\_pkt.c in OpenSSL 1.x through 1.0.1g,
when SSL\_MODE\_RELEASE\_BUFFERS is enabled, does not properly manage a
buffer pointer during certain recursive calls, which allows remote
attackers to cause a denial of service (NULL pointer dereference and
application crash) via vectors that trigger an alert condition.
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1093837
•CONFIRM:
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
•OPENBSD:\[5.5\] 005: RELIABILITY FIX: May 1, 2014
•URL: http://www.openbsd.org/errata55.html\#005\_openssl
*(from redmine: issue id 2919, created on 2014-05-21, closed on 2014-06-02)*
* Relations:
* parent #2916
* Changesets:
* Revision d0064f3f832a9d56c6002a3d397bf7e03457ecec by Timo Teräs on 2014-05-29T14:43:27Z:
```
main/openssl: security fix to CVE-2014-0198
fixes #2919
```
Alpine 2.7.9
Timo Teräs

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2802
SNMP options not honored
2019-07-23T14:10:43Z
Michael Young

Was getting “error on subcontainer ‘ia\_addr’ insert (–1)” after
starting snmpd. I adjusted the options in /etc/conf.d/snmpd and changed
SNMPD\_FLAGS to “${OPTS} -LS6d”. However, this change did not seem to be
honored on a restart of snmpd.
After digging, I believe there is an error in /etc/init.d/snmpd — at the
end of line 23, should read ${SNMPD\_FLAGS} instead of ${OPTS}.
*(from redmine: issue id 2802, created on 2014-04-03, closed on 2014-06-05)*
* Changesets:
* Revision b397342b75569a89669b0e836957c9cb82b56e5e on 2014-05-28T15:56:57Z:
```
main/net-snmp: update initd, adding reload function
fixes #2802
(cherry picked from commit 92cf69a075d0baaf47f6d2870ce07b6de3b83248)
```
Alpine 2.7.9

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2688
startx doesn't initialize xauth correctly
2019-07-23T14:12:27Z
Igor Falcomata

the default /etc/X11/xinit/xserverrc ignores command line arguments
invoked from startx:

```
xxx:~# cat /etc/X11/xinit/xserverrc
#!/bin/sh
exec /usr/bin/X -nolisten tcp
```

Launching startx from the command line invokes xserverrc with display
name and -auth file, but both are ignored:

```
xinit /home/user/.xinitrc -- /etc/X11/xinit/xserverrc :0 -auth /tmp/serverauth.fd4FKQvDkW
```

this way, all local users are allowed to connect to the X server,
ignoring the xauth file.

If this isn’t an intended/known behaviour, maybe we can add a $@ at the
end of the command line in xserverrc, or just remove this file and add
the “-nolisten tcp” in the defaultserverargs variable of startx.

Login managers (or at least slim) launch X directly with a correct
-auth param and thus aren’t affected by this.
*(from redmine: issue id 2688, created on 2014-02-19, closed on 2014-06-25)*
* Changesets:
* Revision 41017a742b9a035ade09a5f019126f1896595236 by Natanael Copa on 2014-05-29T17:02:43Z:
```
main/xinit: initialize xauth properly
ref #2688
```
* Revision d8ce3daced7fdef47007d6217a87c39febbe62aa by Natanael Copa on 2014-06-19T08:33:31Z:
```
main/xinit: initialize xauth properly
fixes #2688
(cherry picked from commit 41017a742b9a035ade09a5f019126f1896595236)
Conflicts:
main/xinit/APKBUILD
```
Alpine 2.7.9
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3086
phpMyAdmin: self-XSS due to unescaped HTML output (CVE-2014-4348 CVE-2014-4349)
2019-07-23T14:06:30Z
Alexander Belous

CVE-2014-4349:
Self-XSS due to unescaped HTML output in navigation items hiding
feature.
Affected Versions:
Versions 4.1.x (prior to 4.1.14.1) and 4.2.x (prior to 4.2.4) are
affected.
CONFIRM: http://www.phpmyadmin.net/home\_page/security/PMASA-2014-3.php
CVE-2014-4348:
Self-XSS due to unescaped HTML output in recent/favorite tables
navigation.
Affected Versions:
All versions since 4.2.0 and prior to 4.2.4 are affected.
CONFIRM: http://www.phpmyadmin.net/home\_page/security/PMASA-2014-2.php
*(from redmine: issue id 3086, created on 2014-06-24, closed on 2014-06-26)*
* Changesets:
* Revision ecf6433da8009b96fecd6546f7dd9de9a67cf86f by Natanael Copa on 2014-06-25T16:43:49Z:
```
main/phpmyadmin: security upgrade to 4.2.4 (CVE-2014-4348,CVE-2014-4349)
fixes #3086
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3085
[v3.0] tiff: remote DoS and possibly arbitrary code execution (CVE-2013-4243)
2019-07-23T14:06:30Z
Alexander Belous

Heap-based buffer overflow in the readgifimage function in the gif2tiff
tool in libtiff 4.0.3 and earlier allows remote attackers to cause a
denial of service (crash) and possibly execute arbitrary code via
crafted height and width values in a GIF image.
•CONFIRM: http://bugzilla.maptools.org/show\_bug.cgi?id=2451
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=996052
•DEBIAN:DSA-2744
•URL: http://www.debian.org/security/2013/dsa-2744
•REDHAT:RHSA-2014:0223
•URL: http://rhn.redhat.com/errata/RHSA-2014-0223.html
•SECUNIA:54543
•URL: http://secunia.com/advisories/54543
•SECUNIA:54628
•URL: http://secunia.com/advisories/54628
*(from redmine: issue id 3085, created on 2014-06-24, closed on 2014-06-25)*
* Relations:
* parent #3081
* Changesets:
* Revision c04fae121c1371383ff55425b1296bbc993ff23c by Natanael Copa on 2014-06-24T14:34:57Z:
```
main/tiff: security fixes for CVE-2013-4243 and CVE-2013-4244
fixes #3085
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3080
[v3.0] samba: remote information leak and DoS (CVE-2014-0178 CVE-2014-0244 CVE-2014-3493)
2019-07-23T14:06:36Z
Alexander Belous

CVE-2014-0178:
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8,
when a certain vfs shadow copy configuration is enabled, does not
properly initialize the SRV\_SNAPSHOT\_ARRAY response field, which
allows remote authenticated users to obtain potentially sensitive
information from process memory via a (1) FSCTL\_GET\_SHADOW\_COPY\_DATA
or (2) FSCTL\_SRV\_ENUMERATE\_SNAPSHOTS request.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-0178
•Bugtraq: http://seclists.org/bugtraq/2014/Jun/137
CVE-2014-0244:
Samba 3.6.x to 4.1.8 are affected by a denial of service attack on
unauthenticated nmbd NetBIOS name services.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-0244
CVE-2014-3493:
Samba 3.6.x to 4.1.8 are affected by a denial of service crash involving
overwriting memory on an authenticated connection to the smbd file
server.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-3493
*(from redmine: issue id 3080, created on 2014-06-24, closed on 2014-06-25)*
* Relations:
* parent #3076
* Changesets:
* Revision f627bd8b1a814a45ae23c03af368ea17cd1fae3b by Natanael Copa on 2014-06-25T09:46:43Z:
```
main/samba: security upgrade to 4.1.9 (CVE-2014-0244,CVE-2014-3493)
fixes #3080
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3073
/dev/snd has wrong group permissions
2019-07-23T14:06:43Z
stf -

all files under /dev/snd are group owned by root.
to make them owned by the audio group the following has to be added to
/etc/mdev.conf

```
SUBSYSTEM=sound;.* root:audio 0660
```
*(from redmine: issue id 3073, created on 2014-06-23, closed on 2014-06-26)*
* Changesets:
* Revision c1238794b6c5fdb908a474366e3565660213c6f9 by Natanael Copa on 2014-06-25T16:41:05Z:
```
main/busybox-initscripts: fix ownership for /dev/snd/*
ref #3073
```
* Revision b54d6311973e7939e63c1860b51d25de255755cb by Natanael Copa on 2014-06-25T16:42:21Z:
```
main/busybox-initscripts: fix ownership for /dev/snd/*
fixes #3073
(cherry picked from commit c1238794b6c5fdb908a474366e3565660213c6f9)
```
3.0.1

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3071
[v3.0] php: buffer overflow on bad DNS TXT records (CVE-2014-4049)
2019-07-23T14:06:44Z
Alexander Belous

PHP heap-based buffer overflow in DNS TXT record parsing. \`dlen\` can
be small but then the chunk length could exceed it and overrun the
buffer.
An example site with this bug is berlin.polemb.net running this code:

```
$types = array('AAAA' => 1, 'A' => 1);
$records = dns_get_record("berlin.polemb.net",
    DNS_A | DNS_TXT | DNS_AAAA | DNS_CNAME,
);
var_dump($records);
```

Reference:
https://security-tracker.debian.org/tracker/CVE-2014-4049
CONFIRM: https://github.com/php/php-src/pull/690
COMMIT:
https://github.com/php/php-src/commit/4f73394fdd95d3165b4391e1b0dedd57fced8c3b
*(from redmine: issue id 3071, created on 2014-06-20, closed on 2014-06-24)*
* Relations:
* parent #3067
* Changesets:
* Revision dcee4cf33c4ab66afecc711d4fad9c871046bd4c by Natanael Copa on 2014-06-23T16:12:55Z:
```
main/php: fix CVE-2014-4049
fixes #3071
(cherry picked from commit fec747b9906380f6b5bc0cb26a8f387014b81b72)
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3066
[v3.0] nspr: remote arbitrary code execution or DoS (CVE-2014-1545)
2019-07-23T14:06:49Z
Alexander Belous

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions.
•CONFIRM:
http://www.mozilla.org/security/announce/2014/mfsa2014-55.html
•CONFIRM: https://bugzilla.mozilla.org/show\_bug.cgi?id=1018783
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1107432
•BID:67975
•URL: http://www.securityfocus.com/bid/67975
•SECUNIA:58984
•URL: http://secunia.com/advisories/58984
*(from redmine: issue id 3066, created on 2014-06-20, closed on 2014-06-24)*
* Relations:
* parent #3062
* Changesets:
* Revision 22351c5ebdc3062220252dc46be1d4971484577b by Natanael Copa on 2014-06-20T10:46:21Z:
```
main/nspr: security upgrade to 4.10.6 (CVE-2014-1545)
fixes #3066
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3061
alpine 3.0 virtio_net
2019-07-23T14:06:54Z
Avin Sigurani

after upgrading to alpine linux 3.0.0 (kernel 3.14.4-2-grsec, 64 bit
alpine):
machines running as kvm virtual machines instantly crash and enter a
shutdown state. This also happens when using these devices with the
3.0.0 installation cd.
I am using fedora 20, though I’m not sure that makes a difference. I’m
not set up to test this on other distros conveniently and don’t
currently have the time.
*(from redmine: issue id 3061, created on 2014-06-19, closed on 2014-06-26)*
* Changesets:
* Revision a06a5c4ccfc45573498c1b3337fa9f095b3837ae by Natanael Copa on 2014-06-24T13:32:07Z:
```
main/linux-grsec: upgrade to grsecurity-3.0-3.14.8-201406222110
This fixes #3061 the virtio nic driver issue
(cherry picked from commit aa208ccf55f922c1eaa884efd00dff1cf5abae7b)
```
3.0.1

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3059
Runscript of 'named' (BIND) has two depend() sections
2019-07-23T14:06:55Z
Panthera Tigris

The file /etc/init.d/named has two separate depend() sections, which may
not be what we really want.
--- /etc/init.d/named
+++ /dev/null
@@ -1,91 +0,0 @@
-#!/sbin/runscript
-
-extra_commands="checkconfig checkzones"
-extra_started_commands="reload"
-
-depend() {
- need net
- use logger
- provide dns
-}
-
-: ${NAMED_CONF:=/etc/bind/named.conf}
-
-depend() {
- need net
- after firewall
- use logger
- provide dns
-}
-
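
Review bot: depend() is defined twice in /etc/init.d/named, once before and once after the NAMED_CONF default, and in a shell script the later definition replaces the earlier one, so only the block containing `after firewall` takes effect. Drop the first depend() and keep the second, so the dependency list is stated once and the `after firewall` ordering is not lost if someone later edits the wrong copy.
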
*(from redmine: issue id 3059, created on 2014-06-19, closed on 2014-06-26)*
* Changesets:
* Revision 051dbd728f4b93f84b41ad61ceb7e7aa5f144d87 by Natanael Copa on 2014-06-19T11:53:23Z:
```
main/bind: remove duplicate depend function
fixes #3059
(cherry picked from commit 6f89add111b93cf1ba82a68db9e37d8288987567)
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3054
Alpine 3 OSPF protocol unrecognized
2019-07-23T14:06:57Z
Alessandro Musso

```
rtr:/# iptable -A INPUT -p ospf -j ACCEPT
iptables v1.4.21: unknown protocol "ospf" specified
rtr:/# uname -rv
3.14.5-0-grsec #1-Alpine SMP Tue Jun 3 07:45:15 GMT 2014
rtr:/# apk version musl
Installed: Available:
musl-1.1.2-r0 = 1.1.2-r0
```
*(from redmine: issue id 3054, created on 2014-06-18, closed on 2014-06-26)*

3.0.1

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3053
cvs version
2019-07-23T14:06:58Z
algitbot

The cvs version in Alpine, cvs-1.12.13-r3 seems to hang in some
situations.
I don’t quite understand cvs versions, but 1.12 seems to be from the
non stable branch, and 1.11.23 from
http://ftp.gnu.org/non-gnu/cvs/source/stable/1.11.23/ is as far as I
can see the latest stable version (and released later), and works
without problems (compiles fine with the patch from sabotage Linux
https://github.com/sabotage-linux/sabotage/blob/master/KEEP/cvs1.patch
).
for me this command line hangs and gdb not very useful:
cvs -z3 -d :pserver:anoncvs@anoncvs.netbsd.org:/cvsroot checkout -P
src/build.sh src/Makefile src/Makefile.inc src/tools src/common
src/include src/share/mk src/etc/Makefile.params src/etc/master.passwd
src/etc/group src/lib/libc src/lib/libutil src/lib/librump
src/lib/librumpuser src/lib/librumpclient src/lib/librumphijack
src/lib/librumpdev src/lib/librumpnet src/lib/librumpvfs
src/external/bsd/flex src/external/bsd/mdocml src/external/bsd/byacc
src/external/cddl/osnet src/external/historical/nawk src/bin/cat
src/usr.bin/make src/usr.bin/xinstall src/usr.bin/config
src/usr.bin/mktemp src/usr.bin/sed src/usr.bin/tsort
src/usr.bin/lorder src/usr.bin/join src/usr.bin/cksum src/usr.bin/m4
src/usr.bin/mkdep src/usr.bin/Makefile.inc src/usr.bin/rpcgen
src/usr.bin/rump\_server src/usr.bin/rump\_allserver
src/usr.bin/rump\_wmd src/usr.bin/stat src/usr.bin/shmif\_dumpbus
src/usr.sbin/mtree !src/sys/arch src/sys src/sys/arch/amd64/include
src/sys/arch/amd64/amd64 src/sys/arch/amd64/Makefile
src/sys/arch/i386/include src/sys/arch/i386/i386
src/sys/arch/i386/Makefile src/sys/arch/x86/include
src/sys/arch/x86/x86 src/sys/arch/x86/Makefile
src/sys/arch/arm/include src/sys/arch/arm/arm
src/sys/arch/arm/Makefile src/sys/arch/evbarm/include
src/sys/arch/evbarm/evbarm src/sys/arch/evbarm/Makefile
src/sys/arch/sparc/include src/sys/arch/sparc/sparc
src/sys/arch/sparc/Makefile src/sys/arch/sparc64/include
src/sys/arch/sparc64/sparc64 src/sys/arch/sparc64/Makefile
src/sys/arch/powerpc/include src/sys/arch/powerpc/powerpc
src/sys/arch/powerpc/Makefile src/sys/arch/evbppc/include
src/sys/arch/evbppc/evbppc src/sys/arch/evbppc/Makefile
src/sys/arch/mips/include src/sys/arch/mips/mips
src/sys/arch/mips/Makefile src/sys/arch/evbmips/include
src/sys/arch/evbmips/evbmips src/sys/arch/evbmips/Makefile
src/sys/arch/arm/arm32 src/sys/arch/Makefile
Justin
*(from redmine: issue id 3053, created on 2014-06-17, closed on 2014-06-26)*
* Changesets:
* Revision 88d93b7f7c885b50d119e8163baa3b9fa95d76db by Timo Teräs on 2014-06-26T10:38:03Z:
```
main/cvs: downgrade to newest stable release 1.11.23
patch is from sabotage
use "apk upgrade -a" to allow downgrade
fixes #3053
(cherry picked from commit 83ffc4f50711f8ed4a73a0962ad0dcf9c5e89c7f)
```
3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3052
[v3.0] kernel: multiple issues
2019-07-23T14:06:59Z
Alexander Belous

Multiple vulnerabilities were discovered and fixed in the Linux kernel:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
*(from redmine: issue id 3052, created on 2014-06-16, closed on 2017-05-17)*
* Relations:
* parent #3048

3.0.1
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3044
[v3.0] wireshark: multiple issues fixed in v1.10.8 (CVE-2014-4020)
2019-07-23T14:07:05Z
Alexander Belous

New release of wireshark with multiple fixes was issued.
Vulnerable versions are 1.10.0-1.10.7.
References:
http://www.wireshark.org/docs/relnotes/wireshark-1.10.8.html
https://www.wireshark.org/security/wnpa-sec-2014-07.html
*(from redmine: issue id 3044, created on 2014-06-16, closed on 2014-06-19)*
* Relations:
* parent #3042
* Changesets:
* Revision f1fc43ca0acb7bc80fed38190f89ba02877af6eb by Natanael Copa on 2014-06-17T08:29:15Z:
```
main/wireshark: security upgrade to 1.10.8 (CVE-2014-4020)
fixes #3044
```
3.0.1
Natanael Copa